 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 65
 Members: 0
 Total: 65
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Acunetix 4 ! |
|
 Posted: Sun Feb 03, 2008 1:21 pm |
 |
|
| sol1dzer0 |
| Regular user |
 |
|
| Joined: Jan 21, 2008 |
| Posts: 24 |
|
|
|
 |
|
 |
|
so i was reading some stuff andfind out this soft. so i give a try and downl. it ;D and try on some sytes...
anyway it works  for one syte i got like 76 cross syte scripting errors.. broken links. ect. anyway good soft.. so i scanned one Mu online server and get smth like this:
____________________________________________________________
It seemes that user credentials are sent to /shop/login.php in clear text.
This vulnerability affects /shop/login.php (GET username=&password=&remember=yup).
A third party may be able to read the user credentials by intercepting an unencrypted HTTP connection.
_____________________________________________________________
can i use it ?! is it possible to get in webshop ?!
if it's possible how can i do that ?! ^
p.s
______________________________________________________________
By this form input is possible to upload a file to the server.
This vulnerability affects /wow/templates/offlike/admin/index.php.
User may upload malicious files to server.
______________________________________________________________
ammm this directory brings me from that mu o. server to wow bc ;D i was like wtf ?! it's like an ftw serveri full with stuff ! what can upload in it ?! good suggestions !?
p.s when i try to fck something i got this: Warning: Invalid argument supplied for foreach() in c:\appserv\www\wow\templates\offlike\admin\admin.members.php on line 148
???? got any suggestions what can i do ?!
______________________________________________________________ |
|
|
|
|
|
|
|
|
| Posted: Sun Feb 03, 2008 1:49 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
"It seems that user credentials are sent to /shop/login.php in clear text" - this is pointing to the fact, that login is done via HTTP, not HTTPS. It's useless for you right now.
Upload stuff - Acunetix detected POST form with upload functionality, so it will GUESS that upload MAY be possible. It's up to you to exploit it, if possible. Without seeing source code it's hard to tell, why this error messages are popping up ... Try various things and look for error feedback  |
|
|
|
|
|
|
|
|
| Posted: Sun Feb 03, 2008 1:59 pm |
|
|
| sol1dzer0 |
| Regular user |
|
|
| Joined: Jan 21, 2008 |
| Posts: 24 |
|
|
|
|
|
|
|
| waraxe wrote: | "It seems that user credentials are sent to /shop/login.php in clear text" - this is pointing to the fact, that login is done via HTTP, not HTTPS. It's useless for you right now.
Upload stuff - Acunetix detected POST form with upload functionality, so it will GUESS that upload MAY be possible. It's up to you to exploit it, if possible. Without seeing source code it's hard to tell, why this error messages are popping up ... Try various things and look for error feedback |
yea i checked wow/ section and only thing witch allow me to uploadsmth is in skin section ''browse'' => ''upload'' ! but thats useles too x[ cuzz it gives me error.. !
anyway hope i will find smth good for use.. |
|
|
|
|
|
|
|
|
| Posted: Sun Feb 03, 2008 4:08 pm |
|
|
| sol1dzer0 |
| Regular user |
|
|
| Joined: Jan 21, 2008 |
| Posts: 24 |
|
|
|
|
|
|
|
| sol1dzer0 wrote: | | waraxe wrote: | "It seems that user credentials are sent to /shop/login.php in clear text" - this is pointing to the fact, that login is done via HTTP, not HTTPS. It's useless for you right now.
Upload stuff - Acunetix detected POST form with upload functionality, so it will GUESS that upload MAY be possible. It's up to you to exploit it, if possible. Without seeing source code it's hard to tell, why this error messages are popping up ... Try various things and look for error feedback |
yea i checked wow/ section and only thing witch allow me to uploadsmth is in skin section ''browse'' => ''upload'' ! but thats useles too x[ cuzz it gives me error.. !
anyway hope i will find smth good for use.. |
ok sry for many questions but i found XSS..
___________________________________________________
This vulnerability affects /smsshop/login.php
The GET variable rs has been set to --><ScRiPt%20%0a%0d>alert(1776102411)%3B</ScRiPt>.
can i do something with this or it's just useless.... :/
p.s i wont to steel cookies if it's posible but dont really know how it works... :/ ! |
|
|
|
|
|
|
|
|
| Posted: Sun Feb 03, 2008 5:05 pm |
|
|
| waraxe |
| Site admin |
|
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
| I can't see any interesting stuff, you can do with XSS here. Most useful security holes are local and remote file inclusions, remote code executions and sql injections - that's my opinion |
|
|
|
|
| Posted: Sun Feb 03, 2008 5:41 pm |
|
|
| sol1dzer0 |
| Regular user |
|
|
| Joined: Jan 21, 2008 |
| Posts: 24 |
|
|
|
|
|
|
|
| waraxe wrote: | | I can't see any interesting stuff, you can do with XSS here. Most useful security holes are local and remote file inclusions, remote code executions and sql injections - that's my opinion |
ok ;]  |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
